<?php
session_start();

include "db.php";

if (! isset($_POST["ajax"])) {
    exit("wrong access");
}

$pdata = json_decode($_POST["ajax"], true);

if ($pdata["signup"]) {
    if (ifExistUser($pdata["username"])) {
        exit("exist_user");
    }
    global $db;
    $stmt = $db->prepare("insert into users values (:username, :password)");
    $stmt->bindValue(':username', $pdata["username"], SQLITE3_TEXT);
    $stmt->bindValue(":password", generatePassword($pdata["password"]), SQLITE3_TEXT);
    $result = $stmt->execute();
    $_SESSION["username"] = $pdata["username"];
    exit("ok_signup");
}

if (checkPassword($pdata["username"], $pdata["password"]) != 0) {
    echo "password error or no user";
} else {
    $_SESSION["username"] = $pdata["username"];
    echo "ok_signin";
}
?>